Vulnerability Description
CISA Thorium does not escape user controlled strings used in LDAP queries. An authenticated remote attacker can modify LDAP authorization data such as group memberships. Fixed in 1.1.1.
CVSS Score
5.4
MEDIUM
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisa | Thorium | >= 1.0.0, < 1.1.1 |
Related Weaknesses (CWE)
References
- https://github.com/cisagov/thorium/commit/7c94a0b9bc2dc55e0c307360452f348bac0682Patch
- https://github.com/cisagov/thorium/releases/tag/1.1.1Release Notes
- https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/IT/white/2025/Third Party Advisory
- https://www.cve.org/CVERecord?id=CVE-2025-35431Third Party Advisory
FAQ
What is CVE-2025-35431?
CVE-2025-35431 is a vulnerability with a CVSS score of 5.4 (MEDIUM). CISA Thorium does not escape user controlled strings used in LDAP queries. An authenticated remote attacker can modify LDAP authorization data such as group memberships. Fixed in 1.1.1.
How severe is CVE-2025-35431?
CVE-2025-35431 has been rated MEDIUM with a CVSS base score of 5.4/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2025-35431?
Check the references section above for vendor advisories and patch information. Affected products include: Cisa Thorium.